Cyences App for Splunk

Splunk Community

The Cyences App for Splunk was designed to give users complete visibility of their system's security status. It was created with the intention of becoming a seamless piece of the Blue team arsenal for security engineers and administrators. The forensic interface is based on the MITRE ATT&CK framework to quickly identify areas of concern. Continuous quarterly enhancements are being made toward that goal. These updates will continue to improve tool customization and scalability with advanced search features, alerting, machine learning, and AI.

By default, the Cyences app provides a multitude of alerts and dashboards in the following categories: Active Directory / Azure Active Directory, Linux / Unix, Windows, Windows Patch, Sysmon, Antivirus / Antimalware, CrowdStrike, Kaspersky, Office 365 Defender ATP, Sophos Central, Windows Defender, Authentication, Cloud Tenancies, Amazon Web Services, G Suite, Microsoft Office 365, Microsoft, Azure Graph Security Score, DNS Tracker, Email, Microsoft Office 365 Reporting, Lansweeper, Network Devices, Cisco IOS, Fortinet FortiGate, Palo Alto Networks, Sophos Firewall, Ransomware, VPN, Cisco Anyconnect, Fortinet FortiGate, GlobalProtect (Palo Alto), Vulnerability, CrowdStrike Spotlight, Qualys, Tenable.

Apart from alerts and dashboards, the Cyences App also integrates with some other well-known tools to create important dashboards that add intelligence to your security investigation and auditing processes: Asset Intelligence, Device Inventory Table, Globally Detected Malicious IPs.

Documentation: https://crossrealms.github.io/Splunk-Cyences-App-for-Splunk/